December 11, 2024 at 07:41AM The newly identified ransomware group Termite appears responsible for exploiting a vulnerability in Cleo’s file transfer software. This issue allows unauthorized file access and potential remote code execution, affecting around 1,700 servers, primarily in the US retail sector. Cleo plans to release a fix for the vulnerability soon. ### Meeting … Read more
December 10, 2024 at 04:05PM The ransomware group “Termite” is exploiting a recently disclosed vulnerability (CVE-2024-50623) in Cleo’s file transfer software, impacting multiple sectors. Although Cleo is developing a new patch, existing versions, including the patched one, remain vulnerable. Researchers advise immediate protective measures for exposed systems until a fix is released. ### Meeting Takeaways: … Read more
December 10, 2024 at 08:44AM Huntress reports widespread exploitation of a vulnerability in Cleo file management products, affecting patched systems. The bug, CVE-2024-50623, allows remote code execution, impacting over 1,700 servers. At least ten customers are compromised, prompting Huntress to recommend firewall protection and other mitigations while awaiting an updated patch from Cleo. ### Meeting … Read more